Workflow gates registry
gates.toml in this directory is the machine-readable workflow-gates
registry: the single authority for each capOS workflow gate’s name, command,
what it proves, applicability (slice class / hazards / path patterns), and
enforcement point.
It exists to end gate-description drift. Gate prose used to be restated across
../../CLAUDE.md, ../../AGENTS.md,
../../REVIEW.md, ../../REVIEW_CYCLE.md,
../../tools/check-workflow-hygiene.sh, per-task loopyard validation fields,
and ../../tools/slice-review/slices.toml; every process change meant editing
all of them. Now those places reference gates by name and read this registry.
Authority model
- This registry is authoritative for each named gate.
- The
Makefilestays authoritative for the existence and recipe of everymaketarget.[families.qemu-smoke]captures the per-featurerun-*proof smokes as a family rather than enumerating the hundreds of concrete targets. .cargo/config.toml[alias]is authoritative forcargohost-test aliases.
Consumers
All consumers read the registry through ../../tools/workflow_gates.py:
../../tools/check-workflow-hygiene.sh(make workflow-check) validates that every gate-shaped token in a commit’sEvidence:trailer resolves to a registered gate or a real Makefile target / cargo alias.../../tools/slice-review/slices.tomlnames each per-slice check bygate = "...";review_slice.pyresolves the command from this registry.tools/workflow_gates.py check-vocab <entries...>validates the gate-shaped tokens in a loopyard taskvalidationfield against the registry (free-form ad-hoc validation commands pass) for a loopyard-side adapter or hook.
Using the reader
python3 tools/workflow_gates.py list # registered gates + families
python3 tools/workflow_gates.py resolve run-smoke # -> make run-smoke
python3 tools/workflow_gates.py check-evidence "make run-net; git diff --check"
python3 tools/workflow_gates.py check-vocab "make workflow-check" run-smoke